[asterisk-biz] PBX got Hacked

Jai Rangi jprangi at gmail.com
Sat Feb 7 17:57:27 CST 2009


$2000 calls in one hour? The fraud user must be a professional hacker and
should have some kind of VoIP system and 10s (if not hundreds) of friends
calling at the same time.


On Sat, Feb 7, 2009 at 3:46 PM, Gregory Boehnlein <damin at nacs.net> wrote:

> Let me guess…
>
> 1. The Switchvox was open to the Internet
>
> 2. The extensions were simple (three / four digits) and the
> passwords matched the extensions
>
> 3. The attacker was able to register from the public Internet as one
> of the users and send the calls.
>
>
> Sounds much more like an installation done by someone who had no clue about
> IP security. Don't blame Switchvox for the installer's lack of a clue..
> Switchvox is designed to run behind a firewall, and best practices for
> installation would dictate that you be very paranoid about what to allow to
> communicate w/ the PBX. Allowing it to be openly accessed on the Public
> Internet is sheer stupidity.
>
>
>
> So.. what am I missing here?
>
>
>
> *From:* asterisk-biz-bounces at lists.digium.com [mailto:
> asterisk-biz-bounces at lists.digium.com] *On Behalf Of *VIP Carrier
> *Sent:* Saturday, February 07, 2009 6:36 PM
> *To:* Commercial and Business-Oriented Asterisk Discussion
> *Subject:* [asterisk-biz] PBX got Hacked
>
>
>
> Guys,
> I can't believe that our client's PBX got hacked today.
> My client has a SwitchVOX SMB and it got hacked!
> Some F at ckers with the following IPs
> 91.121.132.208
> 69.60.114.222
> were able to send calls in a matter of 1 hr for more than $2000
>
> What can I say, stay away from Switchvox
>
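An added example, not part of the thread: a small audit for the conditions in Gregory Boehnlein's list (passwords matching short extensions, peers registrable from any address). It assumes a generic Asterisk chan_sip-style `sip.conf`; the sample config, the rule names and the 12-character threshold are constructed for illustration.

```python
import re

# Constructed sample in Asterisk chan_sip sip.conf style (not from the thread).
SAMPLE_SIP_CONF = """\
[general]
bindport=5060
[101]
host=dynamic
secret=101            ; password equals the extension
[102]
host=dynamic
secret=4821
deny=0.0.0.0/0.0.0.0
permit=192.168.10.0/255.255.255.0
[103]
host=dynamic
secret=kT7#vq9LxP2mZr
deny=0.0.0.0/0.0.0.0
permit=192.168.10.0/255.255.255.0
"""

def parse_peers(text):
    """Return {section: {key: [values]}} for every section except [general]."""
    peers, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # ';' starts a comment
        m = re.match(r"\[([^\]]+)\]", line)
        if m:
            current = None if m.group(1) == "general" else peers.setdefault(m.group(1), {})
        elif "=" in line and current is not None:
            key, value = (p.strip() for p in line.split("=", 1))
            current.setdefault(key.lower(), []).append(value)
    return peers

def audit(text, min_len=12):
    """Map each peer to the weaknesses found (rule names are hypothetical)."""
    report = {}
    for name, opts in parse_peers(text).items():
        secret = opts.get("secret", [""])[-1]
        checks = {
            "secret-equals-extension": secret == name,
            "weak-secret": secret.isdigit() or len(secret) < min_len,
            # host=dynamic with no permit line: any source address may register
            "no-ip-acl": opts.get("host", [""])[-1] == "dynamic" and not opts.get("permit"),
        }
        issues = [rule for rule, hit in checks.items() if hit]
        if issues:
            report[name] = issues
    return report

if __name__ == "__main__":
    for peer, issues in audit(SAMPLE_SIP_CONF).items():
        print(peer, ", ".join(issues))
```
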

